CVE-2019-9506

CWE-310CWE-327Broken Cryptographic Algorithm18 documents12 sources
Severity
8.1HIGH
EPSS
4.5%
top 10.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
63
Huawei Alp-al00b FirmwareHuawei Ares-al00b FirmwareHuawei Ares-al10d Firmware+60 more
Timeline
PublishedAug 14
Latest updateMay 24

Description

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 2.8 | Impact: 5.2

Affected Packages52 packages

CVEListV5bluetooth/br/edr5.15.1
NVDhuawei/bla-l29c_firmware< 9.1.0.300\(c605e2r1p12t8\)+4
NVDhuawei/figo-l23_firmware< 9.1.0.160\(c605e6r1p5t8\)
NVDhuawei/figo-l31_firmware< 9.1.0.122\(c09e7r1p5t8\)+5
NVDhuawei/honor_20_firmware< 9.1.0.143\(c675e8r2p1\)+1

Also affects: Debian Linux 8.0, Ubuntu Linux 16.04, 18.04, 19.04, Enterprise Linux 8.0, 7.5, 7.6, 7.7, 8.1, 8.2, 8.4, 7, 8, 7.3, 7.4

🔴Vulnerability Details

3
GHSA
GHSA-5xj4-2499-67mw: The Bluetooth BR/EDR specification up to and including version 52022-05-24
CVEList
Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation2019-08-14
OSV
CVE-2019-9506: The Bluetooth BR/EDR specification up to and including version 52019-08-14

📋Vendor Advisories

12
Ubuntu
Linux kernel vulnerabilities2019-10-04
Ubuntu
Linux kernel (AWS) vulnerabilities2019-09-02
Ubuntu
Linux kernel vulnerabilities2019-09-02
Microsoft
Encryption Key Negotiation of Bluetooth Vulnerability2019-08-13
Cisco
Key Negotiation of Bluetooth Vulnerability2019-08-13

💬Community

2
Bugzilla
CVE-2019-9506 kernel: : hardware: bluetooth : BR/EDR encryption key negotiation attacks (KNOB) [fedora-all]2019-08-19
Bugzilla
CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)2019-07-08